CVE-2019-13533

Published: Dec 16, 2019Modified: Jun 2, 2026

8.1

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H

Exploitability: 2.2 / Impact: 5.3

Source: NVD

Description

In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.

Affected (2)

Products: Omron: Plc Cj Firmware, Plc Cs Firmware

Omron

2 products

Plc Cj Firmware

Plc Cs Firmware

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Omron Plc Cj Firmware	All versions
Omron Plc Cs Firmware	All versions

Related CWEs

CWE-294

Authentication Bypass by Capture-replay

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

References (2)

https://www.us-cert.gov/ics/advisories/icsa-19-346-02

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://www.us-cert.gov/ics/advisories/icsa-19-346-02

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.